Even though deleted, spam returns and MORE

OK I’ve been trying to figure the best way to stop the spam from invading my blog. I turned on moderation and turned off registration. However when I go to delete the comments (each post had 2) the spam comments came back with a vengence and now there are 5 and 6 comments on some posts!
HOW can I get rid of these comments without making things worse? There’s something I’m missing, I’m sure, but I don’t know what. Thanks.

There is no way to not make it worse since the spam itself is not under your contorl :p As most of us have found it, the spam does keep on coming but you can do a few things to make it being an annoyance. Some of these things however will depend on your level of competency with PHP and server-side mucking around …
1. Change the variable names used for the comment post form in wp-comments-post.php and modify any other relevant files which use those variables.
2. Change the name of the wp-comments-post.php file and modify the two other core WP files which point to this file to use the new name.
3. Implement a spider trap as mentioned in this blog entry so that any spider looking for wp-comments-post.php (which should be renamed by now – if not, don’t do this) gets banned.
4. Install WPBlacklist and set it to automatically delete comments which get marked as spam.
Once you do all of the above, you’ll find that while you’ll continue to get spam, it is no longer as much of a nuisance since it is all taken care of by the system :p

OK I’m not all that comfortable yet with php, but I guess I’d better find out. I didn’t know I was going to run into this much trouble or I might have just stuck with my Blogger account. :-\ Anyway I’m here, and I like WP so I need to figure this out.
I tried one of the other tips in one thread but it didn’t work. I have no idea how to go about 1 or 2 (which you’ve stated above). In 1. you said “change the variable names”. From what to what? And how does one find other relevant files? This suggestion was too favgue for me, as was #2.
So if I do the things stated, after blocking the spammer, will I finally be able to delete the spam that are in the current comments?

The reason I left 1 and 2 vague was because I didn’t know your level of competency with PHP. If you don’t know PHP enough, you probably shouldn’t mess with it since now, you at least have a working system – and the spam can be gotten rid of in other ways … such as following step 4 🙂
If you install WPBlacklist, it gives you several options – one of which is to search your existing comments based on your blacklist. Once you do that, you can select the comments which are spam from the ones the plugin pulls up based on the search and delete them. You can also set WPBlacklist to automatically delete comments and to e-mail you with a copy of the comments it deleted if you are not comfortable with not knowing what was automatically deleted. Hope some of that at least, helps 🙂

Onethumb, if Hosting Matters has FTP access, then you “get the WPblacklist” like everyone else, by following the instructions.
In case anyone is wondering, here’s an article that goes into detail about why IP banning (spider-traps included) is a bad idea and I do suggest that everyone at least read the first two paragraphs. http://kalsey.com/2004/02/why_ip_banning_is_useless/

I’ve read that article, and I may yet remove some of the IP’s I have banned, but I also have at least one IP range banned.
A user with bredband2 was routinely downloading my entire site again and again – I have no idea why.
I sent access logs to the ISP.
I sent complaints to their abuse address.
I repeatedly asked for assistance.
I got nothing back from them at all.
So I did a whois, got their IP range and banned the lot.
Since I have done this, my bandwidth has reduced to a more normal level. It may not be a great solution for spammers, but for the tosspot who was eating my bandwidth I don’t see how I had a choice.
I do get your point though, and I will carefully reduce my bans. Having said that, I’ve had only 4 spams since January. Whether this is related to my attitude of “One spam and you are IP banned” may not be answerable.

I looked at the various IPs that the Poker Jokers are using. Almost every post uses a different IP and according to WhoIs most of these are certainly not the ones the the Poker Jokers are actually operating from. I suppose they are spoofed.
In light of that I don’t see how WPBlacklist is going to stop them.
It also seems that changing the code “wp-comments-post.php” doesn’t work either.
Why aren’t other blogs suffering the sort of spamming that WP users seem to get? Why can’t this be fixed?
Frustrating

Onethumb, download the wp-comments-post.php file, rename it on your computer, delete the file on the server and upload your renamed file.
Charle97, you’ll notice that blocking IPs is still largely ineffective compared to other SPAM protection methods. Just take the Poker guys who use random IPs as an example.

onethumb: WPBlacklist doesn’t depend just on IP banning to stop spammers -it depends on a list of URLs and regular expressions. These are the key even more so than IPs. While a spammer can spam from many different IPs, the content (or at least the URLs) in his spam has to remain the same – at least for each particular brand of spam. So you keep on building a list of URLs – like online-poker.com and so on and that is how you stop the spam.

On an old MT blog I had about 50-100 total IPs blocked, but still got at least 5 SPAM comments per day from nearly the same sites. Once I opened my WP blog, I used the built in blacklist and got about five SPAM comments sent to moderation each day (only one comment ever made it through). Last week I renamed my wp-comments-post.php file and I haven’t seen a single SPAM comment since. My experience on MT tells me that IP banning is useless and a danger as you could block future users or worse yet, a proxy server (such as the one that all AOL customers use).

You are correct that the renaming trick doesn’t last forever. However, when it stops working, you just rename the file again. It only stops working because the bots eventually learn where your new comment posting .php is located.

Viewing 11 replies - 1 through 11 (of 11 total)

The topic ‘Even though deleted, spam returns and MORE’ is closed to new replies.